Keyboard Privacy Explained: Can It Read Your Passwords?

AI keyboard privacy explained

Keyboard Privacy Explained: Can It Read Your Passwords?

The short version: no, a third-party keyboard can't read your passwords, and no, it doesn't secretly record everything you type. iOS is built specifically to prevent that. Here's the actual mechanism, not just the reassurance.

Can keyboards read passwords?

No. iOS detects secure text fields — password fields, card number fields, one-time codes — and automatically switches to Apple's own keyboard for them, no matter which third-party keyboard is active. The custom keyboard isn't asked to step aside politely; iOS swaps it out at the system level, before any text is entered. There's no permission that overrides this.

Can they read everything I type?

No, and this is the part people misunderstand about Full Access. Full Access lets a keyboard reach the internet — it does not hand it a live feed of every keystroke across every app. iOS only exposes a small amount of text immediately around the cursor, in the field you're currently typing in. A keyboard can't reach into other apps, can't read what you typed yesterday, and can't see anything outside the field currently focused.

ClaimReality
Full Access = reads everything NoIt enables internet access, not screen-wide reading
Keyboard sees the whole device NoOnly text near the cursor in the active field
Keyboard sees password fields NoIOS force-switches to Apple's keyboard there
Keyboard sees other apps in the background NoNo access outside the active text field

Can they spy?

Technically, a keyboard extension with Full Access could transmit whatever text passes through the exposed field — that's true of any keyboard, including well-known ones. What stops it isn't a magic technical wall, it's App Store review, Apple's developer agreement, and the fact that this behavior is detectable and gets an app pulled. Practically: a keyboard can only "spy" on what you actually type into a field while it's active, nothing retroactive, nothing from other apps, nothing from secure fields.

What Full Access actually grants

One thing, functionally: internet access, so the keyboard can reach an online service. Without it, a keyboard is fully sandboxed with zero network calls — fine for a keyboard that only inserts static text, useless for one that needs to call an AI model. Full Access does not grant background execution, does not grant location, contacts, photos, or any other permission. It's scoped to exactly one capability.

What decides how much you should trust a keyboard

Not the permission itself — the developer's actual behavior. What to check: does it explain what's sent and when, does it only transmit text you explicitly submit, is there a real privacy policy, is the developer identifiable. Checker only sends text after you choose an action; nothing moves in the background.

What a keyboard can and can't do, at a glance

Can it?
Read a password field NoIOS blocks this at the system level
Read text in other apps NoOnly the active field is exposed
Read everything typed today NoOnly text near the cursor, in the moment
Send text to an online AI service Only with Full Access, and only what you submit
Run in the background without you typing No

Frequently asked questions

Can a keyboard extension see my password?

No. iOS automatically replaces third-party keyboards with its own keyboard in secure fields like passwords and payment codes.

Does Full Access mean the keyboard reads everything on my phone?

No. Full Access enables internet access. iOS still only exposes text near the cursor in the field currently in use.

How do I know if a keyboard is spying on me?

You mostly can't verify it directly, but App Store review, a clear privacy policy, and an identifiable developer are the practical signals worth checking.

Does Checker send my text in the background?

No. Checker only sends text after you explicitly choose an action — nothing is transmitted while you're just typing.